From 556d5bd3c894bb0f78fdc40baaa6b1b81cc33ab8 Mon Sep 17 00:00:00 2001
From: Trenton Holmes <797416+stumpylog@users.noreply.github.com>
Date: Sat, 2 May 2026 11:02:44 -0700
Subject: [PATCH] probably connects it to the Github UI
---
 .github/workflows/ci-static-analysis.yml | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/.github/workflows/ci-static-analysis.yml b/.github/workflows/ci-static-analysis.yml
index a79c70f9e..eb63c7eac 100644
--- a/.github/workflows/ci-static-analysis.yml
+++ b/.github/workflows/ci-static-analysis.yml
@@ -46,6 +46,13 @@ jobs:
 uses: pypa/gh-action-pip-audit@1220774d901786e6f652ae159f7b6bc8fea6d266 # v1.1.0
 with:
 inputs: /tmp/requirements-all.txt
+ format: sarif
+ output: results.sarif
+ - name: Upload results to GitHub code scanning
+ uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+ if: always()
+ with:
+ sarif_file: results.sarif
 semgrep:
 name: Semgrep CE
 runs-on: ubuntu-24.04
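Review bot: The new `Upload results to GitHub code scanning` step needs the job token to carry `security-events: write`, and nothing in this hunk grants it. The job header and any `permissions:` block sit above line 46, outside the hunk, so confirm the job declares `security-events: write` (plus `contents: read`) at job level rather than workflow-wide. Separately, `if: always()` also runs the upload on a cancelled run or when an earlier step failed before `results.sarif` was written, which adds a second, misleading failure. `if: ${{ !cancelled() && hashFiles('results.sarif') != '' }}` still uploads when the audit reports findings but skips the step when there is no file. It is also worth checking that the pinned pip-audit action declares `format` and `output` inputs, because GitHub Actions only warns on unknown `with:` keys and the audit step would then run without writing a SARIF file.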